Electronic forms of content, from e-mail to Web sites, have opened the doors
of collaboration in ways that defy the old boundaries of time and geography.
With opportunity comes greater risk, however, because of the ease of
proliferation, duplication and modification of content. From a security
standpoint, there's a higher potential for loss of control over enterprise
content. And from a risk standpoint, it's no coincidence that security
concerns coexist with growth in industry and governmental regulation
regarding content disclosure and secrecy.

Just as executives are seeking innovative ways to leverage content for
increased market penetration, collaboration and profits, recent court
rulings and regulations have made these same leaders apprehensive about
providing content access. They don't have to fear, however, as 'security'
and 'sharing' are not incompatible concepts. Content security is an emerging
technology approach to handling content in an intelligent and flexible way.
Behind the approach is a new philosophy that you can strengthen conventional
security while simultaneously increasing opportunities for revenue and
partnership through sharing.

Content security is not an easily obtained solution; there is no single
out-of-the-box solution or single provider as yet. To be effective, it has
to be built to specification following an extensive analysis of your
business. Risks have to be weighed against opportunity, technology
alternatives and capabilities understood, and business objectives and return
on investment have to be considered. The business sponsor must work closely
with a technologist to understand the strengths and weaknesses of point
functionality and how orchestration and integration complement one another.

Among the technologies that will be fundamental to content security systems
are document management, content management, user authentication, content
authentication, digital rights management, enterprise rights management,
e-mail management and e-records management. Their application must permit
security down to at least the document (or message) level, as opposed to a
collection/server level. It must also be policy driven, and for the utmost
effect, it must permit embedded policies within the content. Ideally  and
this will be the secret sauce  a single policy should be leveraged across
all these technology components in an orchestrated manner that is
transparent to the content consumer.

By instilling these characteristics and capabilities, it is possible to
build a security system that secures content without the ongoing human
intervention demanded by most security solutions. Better yet, content
security can be enforced for the duration of each individual content object,
no matter how or where it is used or stored.

Refocus your thinking so that security issues are business decisions, not
technology decisions. Content security can promote new opportunity and
business models. The initial investment may be sparked by compliance demands
and piracy risks, but the lasting value will come from opportunities such as
intelligent orchestration of potential mergers and acquisitions, paid
subscription models to IP and broad-based secure collaboration.

While the exact nature of your deployment of content security may be
unknown, one thing is certain: In the next three years, this emerging
functionality is destined to become not just an issue of competitive
advantage but a benchmark for business leadership.

Take the Survey: Delphi is currently conducting an online survey on content
security. In exchange for your participation, you will receive access to the
prepublication results.

Carl Frappaolo and Dan Keldsen of the Delphi Group provided this "Managing
Content" guest opinion.

An executive overview of this report will be shared in an upcoming "Managing
Content" newsletter. Please share your current understanding and plans for
content security by taking the survey, which takes five to 10 minutes to
complete.